On 12/14/05, Daniel J Walsh <dwalsh(a)redhat.com> wrote:
Tom London wrote:
> On 12/14/05, Daniel J Walsh <dwalsh(a)redhat.com> wrote:
>
>> Tom London wrote:
>>
>>> Running latest rawhide (selinux-policy-targeted-2.1.5-1):
>>>
>>> My login shell appears to be running as rpm_script_t.
>>>
>>> Did I do something funny?
>>> tom
>>>
>>> [tbl@tlondon ~]$ ps Z
>>> LABEL PID TTY STAT TIME COMMAND
>>> user_u:system_r:rpm_script_t:s0 3193 pts/1 Ss 0:00 bash
>>> user_u:system_r:rpm_script_t:s0 3195 pts/2 Ss 0:00 bash
>>> user_u:system_r:rpm_script_t:s0 3922 pts/2 R+ 0:00 ps Z
>>> [tbl@tlondon ~]$
>>>
>>> --
>>> Tom London
>>>
>>> --
>>> fedora-selinux-list mailing list
>>> fedora-selinux-list(a)redhat.com
>>>
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
>>>
>>>
>> What did you login using? Looks like a bad default_context file.
>>
>>
> Standard graphical login.
>
> Ah. I seem to have a default_contexts.rpmnew. Here are the diffs:
>
> --- default_contexts 2005-12-13 14:14:45.000000000 -0800
> +++ default_contexts.rpmnew 2005-12-08 13:58:07.000000000 -0800
> @@ -1,9 +1,9 @@
> -system_r:crond_t:s0 system_r:unconfined_t:s0
> +system_r:xdm_t:s0 system_r:unconfined_t:s0
> +system_r:unconfined_t:s0 system_r:unconfined_t:s0
> system_r:initrc_t:s0 system_r:unconfined_t:s0
> system_r:local_login_t:s0 system_r:unconfined_t:s0
> system_r:remote_login_t:s0 system_r:unconfined_t:s0
> system_r:rshd_t:s0 system_r:unconfined_t:s0
> +system_r:crond_t:s0 system_r:unconfined_t:s0
> system_r:sshd_t:s0 system_r:unconfined_t:s0
> system_r:sysadm_su_t:s0 system_r:unconfined_t:s0
> -system_r:unconfined_t:s0 system_r:unconfined_t:s0
> -system_r:xdm_t:s0 system_r:unconfined_t:s0
>
> Is order 'important'?
>
> tom
> --
> Tom London
>
No. Is gdm running as xdm_t?
--
[root@tlondon contexts]# ps agxZ | grep gdm
system_u:system_r:xdm_t:s0-s0:c0.c255 2968 ? S 0:00
/usr/sbin/gdm-binary -nodaemon
system_u:system_r:xdm_t:s0-s0:c0.c255 3000 ? S 0:00
/usr/sbin/gdm-binary -nodaemon
system_u:system_r:xdm_t:s0-s0:c0.c255 3005 tty7 Ss+ 3:17
/usr/bin/Xorg :0 -audit 0 -auth /var/gdm/:0.Xauth -nolisten tcp vt7
root:system_r:ldconfig_t:s0-s0:c0.c255 5270 pts/1 R+ 0:00 grep gdm
ldconfig_t for 'grep'? (This is running as a 'su -' root).
Something funny. I'll reboot.
tom
--
Tom London